

Digital Forensics - Top 10 Challenges

By: Adam Howard



Introduction
The ability of criminals and terrorists to maximise the opportunities offered by new technology is continually evolving. Burying incriminating data inside the increasing storage capacity of PCs and laptops presents the police and security forces with new and demanding challenges; challenges that are exacerbated by the very short space of time in which examinations of seized assets can take place. Through experience gained delivering solutions across the UK Security & Resilience community, Andrew Nanson presents the top ten challenges that organisations are likely to face when implementing digital forensics solutions.
1. Storage
When each suspect can store over 10 terabytes of data on home equipment, a forensic laboratory must be ready to cope with the uploading, retention and manipulation of that data. It is no longer viable to depend upon local storage for every analyst. Centralised storage is becoming a necessity.
To deal with this issue, we have looked at the benefits offered by Fibre Channel storage for the initial uploading and subsequent retention of data. Fibre Channel storage is fast, reliable and supports very high levels of input/output for multiple applications and intensive processes, such as indexing. This is ideal for forensic laboratories that have to perform to timescales and cannot afford for their capability to fail.
Additionally, we believe it is advisable to complement the Fibre Channel storage with very large amounts of Serial Advanced Technology Attachment (SATA) storage. SATA is affordable and reliable. By providing both Fibre Channel and SATA disk storage, it is possible to balance the critical needs of a forensic laboratory at the best possible price.
The solution has been proven working alongside forensic analysts using real data at a ListX facility in Bristol.
2. Backup / archive
Forensic laboratories are now usually scaled to hold up to 1 petabyte of online storage. We have devised a manageable solution that guarantees against loss of data. Furthermore, it does this without affecting the performance of a system that has to be operational 24/7/365.
By taking a 'snapshot' of the data before it is sent to offline media, the performance of the live storage is not degraded. This provides the users and the business with what they want: a system without planned downtime.
3. Application performance
The effectiveness of forensic laboratories often comes down to the performance of the applications used by the forensic analysts. This is either because the applications do not yet take advantage of modern hardware, or because the nature of their function is such that they will never perform as quickly as the business would like. To address this issue, VEGA can devise solutions that allow the most intensive forensic applications to be served from powerful servers. This enables applications to operate with as little 'lag' as possible.
By providing multiple instances of the same application, forensic analysts can initiate multiple actions from one workstation. This results in greatly increased productivity, removing 'dead-time' where analysts might traditionally have had to wait hours before undertaking other activities.
4. Scalability
All technology solutions have their limits, typically requiring a step-change in hardware or software to expand or contract. This can be a prohibitive factor in the gradual expansion of capabilities because of the cost associated with this step-change.
Thus, developing solutions that are fully scalable, supporting capacity and user expansion / contraction through modularised technology, is crucial. These can be designed to scale up to a petabyte of storage from the outset and can be further increased if required. There is no theoretical limit on the number of users that can be hosted.
In addition, as the majority of forensic applications are served, thin clients can be deployed within minutes anywhere, with the full set of forensic tools needed for any investigation.
5. Malware protection
One of the most important problems for forensic laboratories is unknown malware. To understand what an unidentified piece of software will do, analysts generally need to reverse engineer it, or execute it and monitor what it does. If it turns out to be unknown malware, there is the potential of corrupting the whole forensic laboratory and calling into doubt the integrity of the environment used to produce evidence.
Even the best anti-virus programmes only mitigate known risks and attack vectors. Thus, a series of security-implementing functions should always be designed in that are invisible to the user and enable forensic analysts to examine unknown code without risk to the integrity of the forensic laboratory.
6. Accreditation
The high-profile data losses of recent years have propelled the issue of information assurance to the top of the political agenda. Having devised secure systems for the most sensitive elements of UK Government, we have the experience to build a solution that complies with the HMG Manual of Protective Security, as well as JSP440. The security-implementing functions address high confidentiality, integrity and availability requirements.
7. System Integration
Forensic laboratories are normally isolated technical units that use an air-gap between themselves and the main desktop infrastructure. A solution will include secure and reliable integration methods that enable organisations to transfer data safely between corporate systems and laboratories. This can be based on devising ways to bring multiple sources of information together, to provide a seamless system that meets accreditation requirements and extends the data available to users.
8. Support
It is unacceptable for forensic laboratories to require a high level of maintenance. Specialists understand this and have created a solution based on Commercial Off The Shelf (COTS) products, which means that clients are not tied into any supplier for long-term support, since the skills required are readily available.
9. Longevity
The rapid development of information technology, and the ability of criminals and terrorists to use it to their advantage, demands that any digital forensic solution is able to evolve quickly and with minimum disruption. We work with leading forensic application suppliers to ensure that we understand how best to improve capability for users now and in the future. Solutions should take account of the latest hardware in production, software development, and the ever-increasing burden on forensic analysts and that of the business. This long-term planning and investment demonstrates our commitment to this field.
10. Ensuring best value for money
As public sector budgets come under increasing pressure, and expenditure faces intense scrutiny, organisations must ensure investment in IT provides value for money.

Article Source: http://www.free-article-info.com/ArticleDashboard
